CVE-2015-3058Sensitive Information Exposure in Adobe Acrobat

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
5.7%
top 9.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedMay 13
Latest updateMay 17

Description

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to obtain sensitive information from process memory via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDadobe/acrobat_reader25 versions+24
NVDadobe/acrobat25 versions+24

Patches

Patch: helpx.adobe.comPatch: helpx.adobe.com

🔴Vulnerability Details

1
GHSA
GHSA-wh5x-q5gm-wp8v: Adobe Reader and Acrobat 102022-05-17

🕵️Threat Intelligence

1
Zscaler
Zscaler detects Flash Player Vulnerabilities | 05-21-2015
CVE-2015-3058 — Sensitive Information Exposure in Adobe | cvebase